Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/cb2bib-2.0.0/src/findDialog.h
Examining data/cb2bib-2.0.0/src/c2bTests.h
Examining data/cb2bib-2.0.0/src/c2bFileSystemWatcher.h
Examining data/cb2bib-2.0.0/src/c2bSaveREHighlighter.cpp
Examining data/cb2bib-2.0.0/src/c2bNetworkQueryInfo.cpp
Examining data/cb2bib-2.0.0/src/c2bUpdateMetadata.cpp
Examining data/cb2bib-2.0.0/src/c2bCollectionIndex.h
Examining data/cb2bib-2.0.0/src/c2bExport.cpp
Examining data/cb2bib-2.0.0/src/c2bTextBrowser.cpp
Examining data/cb2bib-2.0.0/src/c2bSearchInFilesPattern.h
Examining data/cb2bib-2.0.0/src/c2b.cpp
Examining data/cb2bib-2.0.0/src/c2bLineEdit.h
Examining data/cb2bib-2.0.0/src/c2b/substringMatcher.cpp
Examining data/cb2bib-2.0.0/src/c2b/compositePattern.h
Examining data/cb2bib-2.0.0/src/c2b/pubmedXml.cpp
Examining data/cb2bib-2.0.0/src/c2b/collectionIndex.h
Examining data/cb2bib-2.0.0/src/c2b/bibPreparser.h
Examining data/cb2bib-2.0.0/src/c2b/documentCache.h
Examining data/cb2bib-2.0.0/src/c2b/texParser.cpp
Examining data/cb2bib-2.0.0/src/c2b/monthDB.cpp
Examining data/cb2bib-2.0.0/src/c2b/approximatePattern.cpp
Examining data/cb2bib-2.0.0/src/c2b/authorString.h
Examining data/cb2bib-2.0.0/src/c2b/texToHtml.h
Examining data/cb2bib-2.0.0/src/c2b/approximatePattern.h
Examining data/cb2bib-2.0.0/src/c2b/journalDB.h
Examining data/cb2bib-2.0.0/src/c2b/heuristicBibParser.h
Examining data/cb2bib-2.0.0/src/c2b/posTagger.h
Examining data/cb2bib-2.0.0/src/c2b/bibExtractor.cpp
Examining data/cb2bib-2.0.0/src/c2b/settings.h
Examining data/cb2bib-2.0.0/src/c2b/documentCache.cpp
Examining data/cb2bib-2.0.0/src/c2b/cb2bib_utilities.h
Examining data/cb2bib-2.0.0/src/c2b/networkQuery.h
Examining data/cb2bib-2.0.0/src/c2b/preprocess.cpp
Examining data/cb2bib-2.0.0/src/c2b/bibExtractor.h
Examining data/cb2bib-2.0.0/src/c2b/pubmedXml.h
Examining data/cb2bib-2.0.0/src/c2b/coreBibParser.h
Examining data/cb2bib-2.0.0/src/c2b/collectionAnalyzer.h
Examining data/cb2bib-2.0.0/src/c2b/authorString.cpp
Examining data/cb2bib-2.0.0/src/c2b/posTagger.cpp
Examining data/cb2bib-2.0.0/src/c2b/triads.cpp
Examining data/cb2bib-2.0.0/src/c2b/cb2bib_utilities.cpp
Examining data/cb2bib-2.0.0/src/c2b/documentParser.cpp
Examining data/cb2bib-2.0.0/src/c2b/bibReference.h
Examining data/cb2bib-2.0.0/src/c2b/documentParser.h
Examining data/cb2bib-2.0.0/src/c2b/compositePattern.cpp
Examining data/cb2bib-2.0.0/src/c2b/arxivXml.h
Examining data/cb2bib-2.0.0/src/c2b/crJson.h
Examining data/cb2bib-2.0.0/src/c2b/metadataParser.cpp
Examining data/cb2bib-2.0.0/src/c2b/idMaker.h
Examining data/cb2bib-2.0.0/src/c2b/network.cpp
Examining data/cb2bib-2.0.0/src/c2b/document.h
Examining data/cb2bib-2.0.0/src/c2b/preprocess.h
Examining data/cb2bib-2.0.0/src/c2b/bibSearcher.cpp
Examining data/cb2bib-2.0.0/src/c2b/triads.h
Examining data/cb2bib-2.0.0/src/c2b/texParser.h
Examining data/cb2bib-2.0.0/src/c2b/bibPreparser.cpp
Examining data/cb2bib-2.0.0/src/c2b/heuristicBibParser.cpp
Examining data/cb2bib-2.0.0/src/c2b/searchPattern.cpp
Examining data/cb2bib-2.0.0/src/c2b/searchPattern.h
Examining data/cb2bib-2.0.0/src/c2b/coreBibParser.cpp
Examining data/cb2bib-2.0.0/src/c2b/monthDB.h
Examining data/cb2bib-2.0.0/src/c2b/collectionIndex.cpp
Examining data/cb2bib-2.0.0/src/c2b/wordMatcher.h
Examining data/cb2bib-2.0.0/src/c2b/document.cpp
Examining data/cb2bib-2.0.0/src/c2b/substringMatcher.h
Examining data/cb2bib-2.0.0/src/c2b/networkQuery.cpp
Examining data/cb2bib-2.0.0/src/c2b/collectionAnalyzer.cpp
Examining data/cb2bib-2.0.0/src/c2b/bibSearcher.h
Examining data/cb2bib-2.0.0/src/c2b/idMaker.cpp
Examining data/cb2bib-2.0.0/src/c2b/texToHtml.cpp
Examining data/cb2bib-2.0.0/src/c2b/journalDB.cpp
Examining data/cb2bib-2.0.0/src/c2b/wordMatcher.cpp
Examining data/cb2bib-2.0.0/src/c2b/wordPattern.cpp
Examining data/cb2bib-2.0.0/src/c2b/settings.cpp
Examining data/cb2bib-2.0.0/src/c2b/network.h
Examining data/cb2bib-2.0.0/src/c2b/bibParser.cpp
Examining data/cb2bib-2.0.0/src/c2b/wordPattern.h
Examining data/cb2bib-2.0.0/src/c2b/crJson.cpp
Examining data/cb2bib-2.0.0/src/c2b/metadataParser.h
Examining data/cb2bib-2.0.0/src/c2b/cb2bib_parameters.h
Examining data/cb2bib-2.0.0/src/c2b/bibParser.h
Examining data/cb2bib-2.0.0/src/c2b/documentContents.h
Examining data/cb2bib-2.0.0/src/c2b/arxivXml.cpp
Examining data/cb2bib-2.0.0/src/bookmarkPlugin.h
Examining data/cb2bib-2.0.0/src/c2bConfigure.h
Examining data/cb2bib-2.0.0/src/c2bCiterView.h
Examining data/cb2bib-2.0.0/src/c2bCiterHistory.cpp
Examining data/cb2bib-2.0.0/src/c2bClipEdit.cpp
Examining data/cb2bib-2.0.0/src/c2bPostprocess.cpp
Examining data/cb2bib-2.0.0/src/c2bCiterView.cpp
Examining data/cb2bib-2.0.0/src/c2bIdLineEdit.cpp
Examining data/cb2bib-2.0.0/src/c2bBibPreparserLog.cpp
Examining data/cb2bib-2.0.0/src/c2bExportDialog.cpp
Examining data/cb2bib-2.0.0/src/c2bCiterWidget.cpp
Examining data/cb2bib-2.0.0/src/c2bClipboard.cpp
Examining data/cb2bib-2.0.0/src/c2bCiterHistory.h
Examining data/cb2bib-2.0.0/src/c2bHighlighter.cpp
Examining data/cb2bib-2.0.0/src/c2bNetworkQueryInfo.h
Examining data/cb2bib-2.0.0/src/c2bComboBox.cpp
Examining data/cb2bib-2.0.0/src/c2bColors.cpp
Examining data/cb2bib-2.0.0/src/c2bCoreCiter.cpp
Examining data/cb2bib-2.0.0/src/qweb/engine/c2bWebBrowser.cpp
Examining data/cb2bib-2.0.0/src/qweb/engine/c2bWebBrowser.h
Examining data/cb2bib-2.0.0/src/qweb/kit/c2bWebBrowser.cpp
Examining data/cb2bib-2.0.0/src/qweb/kit/c2bWebBrowser.h
Examining data/cb2bib-2.0.0/src/c2bBibParser.h
Examining data/cb2bib-2.0.0/src/c2bPostprocess.h
Examining data/cb2bib-2.0.0/src/c2bSaveREHighlighter.h
Examining data/cb2bib-2.0.0/src/c2bTextEdit.cpp
Examining data/cb2bib-2.0.0/src/c2bClipboard.h
Examining data/cb2bib-2.0.0/src/c2bTextEdit.h
Examining data/cb2bib-2.0.0/src/c2bCiterModel.cpp
Examining data/cb2bib-2.0.0/src/c2bAnnote.cpp
Examining data/cb2bib-2.0.0/src/c2bCiter.h
Examining data/cb2bib-2.0.0/src/c2bShortcutPushButton.cpp
Examining data/cb2bib-2.0.0/src/c2bShortcutWidget.cpp
Examining data/cb2bib-2.0.0/src/c2bShortcutWidget.h
Examining data/cb2bib-2.0.0/src/c2bTests.cpp
Examining data/cb2bib-2.0.0/src/c2bREHighlighter.h
Examining data/cb2bib-2.0.0/src/c2bConsole.cpp
Examining data/cb2bib-2.0.0/src/c2bSaveRegExp.cpp
Examining data/cb2bib-2.0.0/src/c2bShortcutPushButton.h
Examining data/cb2bib-2.0.0/src/c2bUtils.h
Examining data/cb2bib-2.0.0/src/c2bClipEdit.h
Examining data/cb2bib-2.0.0/src/c2bReferenceList.cpp
Examining data/cb2bib-2.0.0/src/c2bConfigureFR.h
Examining data/cb2bib-2.0.0/src/c2bRLWebSearchSettings.h
Examining data/cb2bib-2.0.0/src/c2bHighlighter.h
Examining data/cb2bib-2.0.0/src/c2bExport.h
Examining data/cb2bib-2.0.0/src/c2bBibPreparserLog.h
Examining data/cb2bib-2.0.0/src/c2bSaveRegExp.h
Examining data/cb2bib-2.0.0/src/c2bSearchInFilesPattern.cpp
Examining data/cb2bib-2.0.0/src/c2bEditor.h
Examining data/cb2bib-2.0.0/src/c2bRLWebSearchSettings.cpp
Examining data/cb2bib-2.0.0/src/c2bUtils.cpp
Examining data/cb2bib-2.0.0/src/c2bColors.h
Examining data/cb2bib-2.0.0/src/clipboardPoll.cpp
Examining data/cb2bib-2.0.0/src/c2bCoreCiter.h
Examining data/cb2bib-2.0.0/src/c2bCiterWidget.h
Examining data/cb2bib-2.0.0/src/c2bTextBrowser.h
Examining data/cb2bib-2.0.0/src/c2bSearchInFiles.cpp
Examining data/cb2bib-2.0.0/src/cb2Bib.cpp
Examining data/cb2bib-2.0.0/src/c2bComboBox.h
Examining data/cb2bib-2.0.0/src/c2bREHighlighter.cpp
Examining data/cb2bib-2.0.0/src/findDialog.cpp
Examining data/cb2bib-2.0.0/src/c2bConfigure.cpp
Examining data/cb2bib-2.0.0/src/c2bSettings.h
Examining data/cb2bib-2.0.0/src/c2bEditor.cpp
Examining data/cb2bib-2.0.0/src/qtsingleapplication/src/qtlockedfile.h
Examining data/cb2bib-2.0.0/src/qtsingleapplication/src/qtlocalpeer.cpp
Examining data/cb2bib-2.0.0/src/qtsingleapplication/src/qtlockedfile.cpp
Examining data/cb2bib-2.0.0/src/qtsingleapplication/src/qtsingleapplication.h
Examining data/cb2bib-2.0.0/src/qtsingleapplication/src/qtlockedfile_win.cpp
Examining data/cb2bib-2.0.0/src/qtsingleapplication/src/qtsinglecoreapplication.h
Examining data/cb2bib-2.0.0/src/qtsingleapplication/src/qtlocalpeer.h
Examining data/cb2bib-2.0.0/src/qtsingleapplication/src/qtsinglecoreapplication.cpp
Examining data/cb2bib-2.0.0/src/qtsingleapplication/src/qtsingleapplication.cpp
Examining data/cb2bib-2.0.0/src/qtsingleapplication/src/qtlockedfile_unix.cpp
Examining data/cb2bib-2.0.0/src/c2bSettings.cpp
Examining data/cb2bib-2.0.0/src/c2bUpdateMetadata.h
Examining data/cb2bib-2.0.0/src/c2bIdLineEdit.h
Examining data/cb2bib-2.0.0/src/main.cpp
Examining data/cb2bib-2.0.0/src/c2bBibMenu.cpp
Examining data/cb2bib-2.0.0/src/c2bLineEdit.cpp
Examining data/cb2bib-2.0.0/src/dialog.h
Examining data/cb2bib-2.0.0/src/c2bFileDialog.cpp
Examining data/cb2bib-2.0.0/src/c2bConsole.h
Examining data/cb2bib-2.0.0/src/c2bCiterModel.h
Examining data/cb2bib-2.0.0/src/c2bAnnote.h
Examining data/cb2bib-2.0.0/src/c2bBibParser.cpp
Examining data/cb2bib-2.0.0/src/c2bExportDialog.h
Examining data/cb2bib-2.0.0/src/c2bBibMenu.h
Examining data/cb2bib-2.0.0/src/c2bNetworkQuery.h
Examining data/cb2bib-2.0.0/src/c2bSearchInFiles.h
Examining data/cb2bib-2.0.0/src/cb2Bib.h
Examining data/cb2bib-2.0.0/src/c2bReferenceList.h
Examining data/cb2bib-2.0.0/src/c2bConfigureFR.cpp
Examining data/cb2bib-2.0.0/src/c2bBibHighlighter.h
Examining data/cb2bib-2.0.0/src/c2bCiterExcerptView.h
Examining data/cb2bib-2.0.0/src/c2bNetworkQuery.cpp
Examining data/cb2bib-2.0.0/src/clipboardPoll.h
Examining data/cb2bib-2.0.0/src/c2bCiterExcerptView.cpp
Examining data/cb2bib-2.0.0/src/bookmarkPlugin.cpp
Examining data/cb2bib-2.0.0/src/c2bFileDialog.h
Examining data/cb2bib-2.0.0/src/c2bPdfImport.h
Examining data/cb2bib-2.0.0/src/c2bFileSystemWatcher.cpp
Examining data/cb2bib-2.0.0/src/c2b.h
Examining data/cb2bib-2.0.0/src/c2bBibHighlighter.cpp
Examining data/cb2bib-2.0.0/src/c2bPdfImport.cpp
Examining data/cb2bib-2.0.0/src/c2bCollectionIndex.cpp
Examining data/cb2bib-2.0.0/src/win/WinConsole.cpp
Examining data/cb2bib-2.0.0/src/win/WinConsole.h
Examining data/cb2bib-2.0.0/src/win/main.cpp
Examining data/cb2bib-2.0.0/xpdf/pdftohtml.cc
Examining data/cb2bib-2.0.0/xpdf/HTMLGen.h
Examining data/cb2bib-2.0.0/xpdf/HTMLGen.cc

FINAL RESULTS:

data/cb2bib-2.0.0/src/c2b/bibParser.cpp:510:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open(QIODevice::ReadOnly | QIODevice::Text);
data/cb2bib-2.0.0/src/c2b/bibSearcher.cpp:236:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2b/cb2bib_utilities.h:255:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (f.open(QIODevice::ReadOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2b/cb2bib_utilities.h:276:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (f.open(QIODevice::WriteOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2b/cb2bib_utilities.h:323:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  const QChar open('{');
data/cb2bib-2.0.0/src/c2b/cb2bib_utilities.h:329:23: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (si == open)
data/cb2bib-2.0.0/src/c2b/collectionAnalyzer.cpp:116:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (documentslf.open(QIODevice::ReadOnly))
data/cb2bib-2.0.0/src/c2b/collectionAnalyzer.cpp:130:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (sentenceslf.open(QIODevice::ReadOnly))
data/cb2bib-2.0.0/src/c2b/collectionAnalyzer.cpp:142:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (documentsif.open(QIODevice::ReadOnly))
data/cb2bib-2.0.0/src/c2b/collectionAnalyzer.cpp:220:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (sentencesif.open(QIODevice::ReadOnly))
data/cb2bib-2.0.0/src/c2b/collectionAnalyzer.cpp:279:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (documentsif.open(QIODevice::ReadOnly))
data/cb2bib-2.0.0/src/c2b/collectionAnalyzer.cpp:306:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (sentencesif.open(QIODevice::ReadOnly))
data/cb2bib-2.0.0/src/c2b/collectionIndex.cpp:176:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (documentslf.open(QIODevice::WriteOnly))
data/cb2bib-2.0.0/src/c2b/collectionIndex.cpp:192:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (documentsif.open(QIODevice::WriteOnly))
data/cb2bib-2.0.0/src/c2b/collectionIndex.cpp:289:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (sentenceslf.open(QIODevice::WriteOnly))
data/cb2bib-2.0.0/src/c2b/collectionIndex.cpp:313:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (sentencesif.open(QIODevice::WriteOnly))
data/cb2bib-2.0.0/src/c2b/documentCache.cpp:41:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (file.open(QIODevice::ReadOnly))
data/cb2bib-2.0.0/src/c2b/documentCache.cpp:149:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (file.open(QIODevice::WriteOnly))
data/cb2bib-2.0.0/src/c2b/journalDB.cpp:25:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2b/metadataParser.cpp:180:11: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (f.open(QIODevice::ReadOnly))
data/cb2bib-2.0.0/src/c2b/network.cpp:324:28: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!_destination_file.open(QIODevice::WriteOnly))
data/cb2bib-2.0.0/src/c2b/networkQuery.cpp:267:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open(QIODevice::ReadOnly | QIODevice::Text);
data/cb2bib-2.0.0/src/c2b/posTagger.cpp:48:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!lexf.open(QIODevice::ReadOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2b/settings.cpp:373:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadWrite | QIODevice::Text))
data/cb2bib-2.0.0/src/c2bBibParser.cpp:34:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!f.open(QIODevice::ReadOnly | QIODevice::Text)) // jdbfile.exists wouldn't produce an errorString
data/cb2bib-2.0.0/src/c2bBibParser.cpp:187:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!f.open(QIODevice::ReadOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2bCoreCiter.cpp:68:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int pipeFd = ::open(pipe, O_WRONLY);
data/cb2bib-2.0.0/src/c2bCoreCiter.cpp:70:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (file.open(pipeFd, QIODevice::WriteOnly))
data/cb2bib-2.0.0/src/c2bEditor.cpp:489:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::WriteOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2bEditor.cpp:572:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2bNetworkQuery.cpp:32:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2bNetworkQueryInfo.cpp:53:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2bPostprocess.cpp:40:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!f.open(QIODevice::ReadOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2bSettings.cpp:237:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2bTests.cpp:271:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open(QIODevice::ReadOnly);
data/cb2bib-2.0.0/src/c2bTests.cpp:296:18: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open(QIODevice::WriteOnly);
data/cb2bib-2.0.0/src/c2bTests.cpp:381:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly | QIODevice::Text))
data/cb2bib-2.0.0/src/c2bTests.cpp:567:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file.open(QIODevice::ReadOnly);
data/cb2bib-2.0.0/src/cb2Bib.cpp:1491:34: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  is_writable = bibtexfile.open(QIODevice::WriteOnly | QIODevice::Text | QIODevice::Append);
data/cb2bib-2.0.0/src/cb2Bib.cpp:1493:34: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  is_writable = bibtexfile.open(QIODevice::WriteOnly | QIODevice::Text);
data/cb2bib-2.0.0/src/cb2Bib.cpp:2027:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool fopen;
data/cb2bib-2.0.0/src/cb2Bib.cpp:2029:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fopen = file.open(QIODevice::WriteOnly | QIODevice::Text | QIODevice::Append);
data/cb2bib-2.0.0/src/cb2Bib.cpp:2031:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fopen = file.open(QIODevice::WriteOnly | QIODevice::Text);
data/cb2bib-2.0.0/src/cb2Bib.cpp:2033:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (fopen)
data/cb2bib-2.0.0/src/cb2Bib.cpp:2071:10: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool fopen;
data/cb2bib-2.0.0/src/cb2Bib.cpp:2073:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fopen = file.open(QIODevice::WriteOnly | QIODevice::Text | QIODevice::Append);
data/cb2bib-2.0.0/src/cb2Bib.cpp:2075:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fopen = file.open(QIODevice::WriteOnly | QIODevice::Text);
data/cb2bib-2.0.0/src/cb2Bib.cpp:2077:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (fopen)
data/cb2bib-2.0.0/src/qtsingleapplication/src/qtlocalpeer.cpp:112:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lockFile.open(QIODevice::ReadWrite);
data/cb2bib-2.0.0/src/qtsingleapplication/src/qtlockedfile.cpp:123:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool QtLockedFile::open(OpenMode mode)
data/cb2bib-2.0.0/src/qtsingleapplication/src/qtlockedfile.cpp:130:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  return QFile::open(mode);
data/cb2bib-2.0.0/src/qtsingleapplication/src/qtlockedfile.h:77:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  bool open(OpenMode mode);
data/cb2bib-2.0.0/xpdf/pdftohtml.cc:30:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char ownerPassword[33] = "\001";
data/cb2bib-2.0.0/xpdf/pdftohtml.cc:31:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char userPassword[33] = "\001";
data/cb2bib-2.0.0/xpdf/pdftohtml.cc:33:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char cfgFileName[256] = "";
data/cb2bib-2.0.0/xpdf/pdftohtml.cc:170:22: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(htmlFile = fopen(htmlFileName->getCString(), "wb")))
data/cb2bib-2.0.0/src/qtsingleapplication/src/qtlocalpeer.cpp:174:28: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  res &= (socket.read(qstrlen(ack)) == ack);

ANALYSIS SUMMARY:

Hits = 57
Lines analyzed = 34768 in approximately 1.01 seconds (34571 lines/second)
Physical Source Lines of Code (SLOC) = 25978
Hits@level = [0] 49 [1] 1 [2] 56 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 106 [1+] 57 [2+] 56 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 4.08038 [1+] 2.19416 [2+] 2.15567 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.